This document describes how to securely connect to Public WiFi networks, which often lack basic security features that could compromise a device or data during transmission.
Think Twice Before Connecting to Public WiFi
Remember that anything you do on a public WiFi network (e.g., WiFi network at a coffee shop, hotel, airport, etc.) may not be secure. If you need to connect to a public WiFi network, please ensure the following safety tips to ensure you are protecting MassArt's data and your device from cybersecurity threats. These tips should also be considered for personal browsing on public networks.
Use a VPN
Use MassArt’s virtual private network (VPN) to secure your connection.
MassArt employees (faculty and staff) can start a VPN connection provided by the College which secures online interactions and avoids many of the issues associated with insecure public WiFi networks. A VPN connection creates a secure “tunnel” to another network over the internet. VPNs can be used to access region-restricted websites, shield your browsing activity from prying eyes on public WiFi, and more. When using a personal computer, consider using one of the many free VPN providers that will help secure your web browsing sessions.
Avoid Personally Identifying Information (PII)
Do not access any personally identifiable information (PII) on an unsecured public WiFi network.
PII is typically stored online in bank accounts, healthcare providers, etc., and, for MassArt employees, it could be stored in Google Drive, Gmail, or on the file server (e.g., MCAFS01). If you must access PII on a public WiFi, do so only after enabling a VPN connection.
Use secure HTTPS
HTTP and HTTPS are widely used transfer protocols used on the internet to provide access to web pages. HTTP connections are NOT secure, and should be avoided. HTTPS connections are secured, and are the preferred method of access for web browsing. This article provides additional information on HTTP vs. HTTPS, and why users should use HTTPS. Most modern browsers allow you to configure an HTTPS-only or HTTPS-first mode, which re-directs your browser to an HTTPS version of a website even if you accidentally load the insecure site. Many browsers now have this option set by default. Users are advised to avoid HTTP websites completely to ensure security.
Secure HTTPS
Depending on which browser your are using, secure HTTPS sites may display the https:// string in the URL field, and/or a lock or similar icon to indicate a secure connection.
Insecure HTTP
Depending on which browser your are using, insecure HTTP sites may display the http:// string (i.e., no "s" after http) in the URL field, a text warning (e.g., Not Secure), or an icon, typically a lock with a red line through it, or an alert symbol (e.g., a triangle icon with an exclamation point inside of it), or similar icon to indicate an insecure connection.
Use your mobile device as a hotspot
If you can’t use a VPN to connect, consider setting up a personal hotspot using your mobile device, and connecting your computer temporarily to that personal hotspot. Mobile device connections to cell phone carriers data networks are substantially more secure than an unsecured public WiFi network. Please refer to these iOS instructions and Android instructions
Enable your device’s firewall
Most computers have a built-in firewall which can be enabled to provide extra security for your device, especially when you are connected to an unsecured WiFi network. Use this article from Microsoft and choose the Public network (Recommended) option when presented with the choice in Windows 10 when you are connecting to a public network. Using this article from Apple, you can enable and configure the firewall on your macOS device, but usually the default settings will provide a good balance of functionality and security.
Portions of this article reprinted with permission of IDG Communications, Inc.